Rails 6.1.x

NES Release Notes

6.1.7.21

Notes

  • This is the initial release of the NES Rails 6.1.x series.

Bug Fixes

  • CVE-2024-47889 (actionmailer) – Fixed a possible ReDoS vulnerability in block_format in Action Mailer.
  • CVE-2024-47887 (actionpack) – Fixed a possible ReDoS vulnerability in HTTP Token authentication in Action Controller.
  • CVE-2024-54133 (actionpack) – Fixed a possible Content Security Policy bypass in Action Dispatch.
  • CVE-2024-41128 (actionpack) – Fixed a possible ReDoS vulnerability in query parameter filtering in Action Dispatch.
  • CVE-2024-47888 (actiontext) – Fixed a possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
Rails 5.2.x
NES Release Notes
Previous Article